Zeus Attacking Internet Payment Services

Security researchers at Trusteer the security company warn that they've discovered fraudsters employing Zeus the widely known banker Trojan to attack an increasing number of services, which process Internet payments and exchanges for people in currencies -virtual or real.

Reportedly, 26 separate configurations of Zeus have been detected that attacked MoneyBookers an Internet payment service at the time the security company conducted its research.

States Trusteer that configuration files represent instructions as to which websites must be attacked to steal login credentials, exploit HTML pages that are supplied to users' contaminated PCs as well as other details.

Says Amit Klein Chief Technology Officer of Trusteer, all of the configuration files of Zeus instructing to attack MoneyBookers aren't very much distinct from those that specify reputed banks for attack. Softpedia.com published this on January 21, 2011. According to the expert, the just-mentioned observation typically suggests that the business surrounding MoneyBookers as a target was apparently thriving for fraudsters.

Thereafter, Trusteer outlines that fraudsters are targeting another online money payment service WebMoney, which has around 11m members, revealing that 13 Zeus variants, the final one introduced on January 16, 2011, try for capturing the login details that users of WebMoney utilize.

Moreover, Trusteer observes that Nochex, also an Internet payment system, which caters to small enterprises, too has been attacked though with 12 Zeus configurations.

Meanwhile, alongside all the said Internet money payment providers, Zeus miscreants are further targeting netSpend a pre-paid card supplier along with e-gold that cyber-criminals previously exploited as an entity for payment clearances.

Trusteer notes, the original e-gold login web-page asks for the passphrase and account number of its users while employing CAPTCHA meant for protecting from automatic cracking of brute-force passwords.

So, when Zeus attacks e-gold users their computers are presented additional elements that ask for a substitute password to access the e-mails accompanying those users' accounts so those accounts can be compromised.

Remarking about the latest discovery, Trusteer states that this new tendency for attacking online payment services is sure to remain as increasing numbers of retailers let consumers use the facilities. PCWorld.com published this on January 22, 2011.